For sustainable, long-term application security, both developers and information security professionals must embrace their new roles created by DevSecOps.
Posted in Agile, CI/CD & DevOps, Application Security | Comments Off on Report: Security and development teams need to ‘embrace’ new roles in DevSecOps
For Thanksgiving, let’s talk about what we’re thankful for: the trends, processes, and technologies that have had a positive impact on software security.
Posted in Agile, CI/CD & DevOps, Application Security, Cloud Security, Featured, Software Compliance, Quality & Standards | Comments Off on Ask the Experts: How has software security improved in the last few years?
Learn how our CloudBees partnership helps users optimize CI/CD and automate AppSec Testing, and steps to take after you get an open source audit report.
Posted in Agile, CI/CD & DevOps, Mergers & Acquisitions, Open Source Security, Webinars | Comments Off on [Webinars] CI/CD optimization and automated testing, open source audit reports
Modern application development organizations must integrate and automate DevOps security tools such as IAST into CI/CD pipelines to speed developers.
Posted in Agile, CI/CD & DevOps, Interactive Application Security Testing (IAST) | Comments Off on How DevOps security tools support modern applications
CloudBees Core users can add Synopsys AST offerings to their pipelines to boost their software security posture without slowing down application delivery.
Posted in Agile, CI/CD & DevOps | Comments Off on CloudBees and Synopsys: Putting ‘Sec’ into DevSecOps
Our Seeker FAQ provides answers about Seeker IAST, active verification, integration into CI/CD pipelines, configuration, sensitive-data tracking, and more.
Posted in Agile, CI/CD & DevOps, Interactive Application Security Testing (IAST) | Comments Off on Seeker FAQ: Interactive application security testing and CI/CD
To support the launch of Binary Authorization, we’re releasing Black Duck for Google Cloud Build to help ensure your images are free of policy violations.
Posted in Agile, CI/CD & DevOps, Container Security, News & Announcements, Open Source Security, Software Composition Analysis (SCA) | Comments Off on Introducing Black Duck for Google Cloud Build
Learn how interactive application security testing (IAST) fits into any CI/CD pipeline and how to secure your Azure CI/CD Pipelines with Synopsys Detect.
Posted in Agile, CI/CD & DevOps, Interactive Application Security Testing (IAST), Webinars | Comments Off on [Webinars] Secure your CI/CD pipelines with IAST and Synopsys Detect
Practice DevSecOps with automated continuous testing, defend your apps from security tool misuse, and learn how Coverity and ThreadFix enable developers.
Posted in Agile, CI/CD & DevOps, Developer Enablement, Webinars | Comments Off on [Webinars] DevOps, security tool abuse, Coverity and ThreadFix
Secure coding training isn’t required in most computer science programs. How can you fill the gaps in your developers’ education without slowing them down?
Posted in Agile, CI/CD & DevOps, Developer Enablement, Security Training & Awareness | Comments Off on How to teach developers secure coding without slowing them down
